Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/39Cmkq9pPb5fXQUjQiTwQRW5GR8.roa
File: 39Cmkq9pPb5fXQUjQiTwQRW5GR8.roa (raw, json)
Hash identifier: mOtu0tdibj8tTnJIqp1Yfi9NMqp4AQTZCHF5dOnr/JY=
Subject key identifier: DF:D0:A6:92:AF:69:3D:BE:5F:5D:05:23:42:24:F0:41:15:B9:19:1F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8BAA53F83154EB5AE5895819F7A33765
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/39Cmkq9pPb5fXQUjQiTwQRW5GR8.roa
Signing time: Tue 12 Sep 2023 23:11:50 +0000
ROA not before: Tue 12 Sep 2023 23:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8b:aa:53:f8:31:54:eb:5a:e5:89:58:19:f7:a3:37:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 23:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfd0a692af693dbe5f5d05234224f04115b9191f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e3:a5:9d:c0:7d:0d:17:27:57:c5:5c:59:24:
d5:14:05:11:64:ec:70:27:d6:fb:41:94:b1:e8:f8:
4c:d4:75:7c:4a:48:0e:da:15:4e:78:c3:c2:1d:a5:
23:de:83:cb:90:2c:5c:a5:22:15:3a:03:c8:bb:b1:
c8:b8:13:02:87:c5:b4:70:0b:76:4e:d8:ed:6c:af:
34:cd:cc:a3:e2:27:21:d9:ad:2e:a1:40:27:d8:be:
ef:50:c8:29:8e:93:43:21:c9:de:b2:bc:45:41:18:
22:80:2a:2b:56:a5:c7:39:4e:93:7c:4f:20:ed:da:
46:9e:e7:58:af:a4:7e:35:a1:34:75:84:b9:7f:55:
ca:96:1b:47:ca:a1:bb:3a:1c:7f:4d:a8:3a:18:46:
fa:59:45:a0:1d:3b:88:02:ff:10:d3:95:49:ad:7c:
14:38:03:46:30:2d:84:9a:23:67:96:1a:69:21:69:
4f:11:b6:3d:1c:8f:cf:c3:6c:c2:e0:31:f0:81:91:
0e:aa:77:8d:42:d6:2b:38:86:5a:58:e0:bd:be:24:
4c:cc:80:7a:e5:1f:1b:2d:03:95:70:86:e5:cc:9a:
b3:91:67:3b:ef:e5:f8:f8:f2:b9:10:dc:7b:f5:c3:
45:45:52:00:d6:2c:40:b3:87:43:2d:90:63:b6:2c:
1f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D0:A6:92:AF:69:3D:BE:5F:5D:05:23:42:24:F0:41:15:B9:19:1F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/39Cmkq9pPb5fXQUjQiTwQRW5GR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:47:71:94:78:a2:25:8c:c5:b1:b7:5a:71:ab:02:fd:09:93:
14:73:66:38:91:0d:b7:5b:87:ba:06:c8:3c:81:aa:a4:ae:fa:
13:1c:d7:4c:b5:a4:53:d8:3c:4c:cb:a5:e3:be:50:d5:67:81:
29:5c:ba:c5:22:eb:92:8c:27:2d:59:16:42:ee:d8:64:48:fc:
50:bc:ec:80:5e:06:71:07:f6:7f:b3:f9:f6:72:ad:47:d7:21:
bf:3b:2c:6c:81:77:c4:29:05:5b:87:6b:c1:05:86:ae:d0:43:
15:a1:ea:7d:78:a8:ea:76:63:11:09:6e:30:e4:b1:28:40:a1:
43:4f:31:73:3f:24:a8:0a:04:6a:21:29:31:8f:3e:3e:64:b8:
f4:d3:75:d6:08:62:5f:a1:76:07:14:fb:e6:81:a9:64:b3:3b:
2d:72:08:9d:1e:26:43:6b:79:10:82:f4:cf:d0:e5:e1:32:db:
fd:28:0a:df:b5:29:f9:f1:57:66:1a:e4:45:4c:26:68:eb:f2:
4c:66:36:0c:f2:92:27:ec:6c:c5:54:15:b7:80:31:92:b5:c0:
62:be:d0:3d:e2:98:b8:ad:ad:0d:57:3d:20:1d:af:7e:e5:5e:
05:8a:cf:0f:c5:d4:15:e2:e4:f5:fe:78:ec:12:8d:a5:80:bf:
79:de:fb:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqLqlP4MVTrWuWJWBn3ozdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMjMxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQwYTY5MmFmNjkzZGJlNWY1ZDA1MjM0MjI0ZjA0MTE1YjkxOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuOlncB9DRcnV8VcWSTVFAURZOxw
J9b7QZSx6PhM1HV8SkgO2hVOeMPCHaUj3oPLkCxcpSIVOgPIu7HIuBMCh8W0cAt2
TtjtbK80zcyj4ich2a0uoUAn2L7vUMgpjpNDIcnesrxFQRgigCorVqXHOU6TfE8g
7dpGnudYr6R+NaE0dYS5f1XKlhtHyqG7Ohx/Tag6GEb6WUWgHTuIAv8Q05VJrXwU
OANGMC2EmiNnlhppIWlPEbY9HI/Pw2zC4DHwgZEOqneNQtYrOIZaWOC9viRMzIB6
5R8bLQOVcIblzJqzkWc77+X4+PK5ENx79cNFRVIA1ixAs4dDLZBjtiwfRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN/QppKvaT2+X10FI0Ik8EEVuRkfMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMzlDbWtxOXBQYjVmWFFValFpVHdRUlc1R1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEFHcZR4oiWMxbG3WnGr
Av0JkxRzZjiRDbdbh7oGyDyBqqSu+hMc10y1pFPYPEzLpeO+UNVngSlcusUi65KM
Jy1ZFkLu2GRI/FC87IBeBnEH9n+z+fZyrUfXIb87LGyBd8QpBVuHa8EFhq7QQxWh
6n14qOp2YxEJbjDksShAoUNPMXM/JKgKBGohKTGPPj5kuPTTddYIYl+hdgcU++aB
qWSzOy1yCJ0eJkNreRCC9M/Q5eEy2/0oCt+1KfnxV2Ya5EVMJmjr8kxmNgzykifs
bMVUFbeAMZK1wGK+0D3imLitrQ1XPSAdr37lXgWKzw/F1BXi5PX+eOwSjaWAv3ne
+9A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:18 2025 by rpki-client